package cn.com.callback

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import cn.com.elite.EliteBean;
import cn.com.elite.Util;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import java.util.Hashtable;
import net.sf.json.JSONObject
/**
 * @author dana
 */
 
public class msjyfundLdapCheck implements ServiceBackInvoke{
	private static final Log log=LogFactory.getLog(msjyfundLdapCheck.class);
	private String host = "192.168.14.146";//AD域IP
	private String domain = "@trade.msjyfund.com.cn";//域名后缀，例.@noker.cn.com
	private String port = "389"; //端口，一般默认389
	
	public String doCallBack(EliteBean eliteBean, HttpServletRequest request,HttpServletResponse response){
		JSONObject result = new JSONObject();
		result.put("result", 1);
		DirContext ctx = null;
	    try {
			def msg = Util.getRequestBody(request,'utf-8'); //获取报文
			log.debug("msg:"+msg);
			String  userName = msg.split("&")[0].split("=")[1];
			String password  = msg.split("&")[1].split("=")[1];
			log.debug("userName:" + userName + " password:" + password);
	    	//String currentOrigin = "http://192.168.10.50";
			String currentOrigin = "http://192.168.14.115:8010";
			response.setHeader("Access-Control-Allow-Origin", currentOrigin);
	    	//String userName = request.getParameter("username"); //AD域认证，用户的登录UserName
			//String password = request.getParameter("password"); //AD域认证，用户的登录PassWord
			//log.debug("userName:" + userName + " password:" + password);
		    String url = new String("ldap://" + host + ":" + port);//固定写法
		    String user = userName.indexOf(domain) > 0 ? userName : (userName + domain);//建议这么使用
		    Hashtable env = new Hashtable();//实例化一个Env
		    env.put(Context.SECURITY_AUTHENTICATION, "simple");//LDAP访问安全级别(none,simple,strong),一种模式
		    env.put(Context.SECURITY_PRINCIPAL, user); //用户名
		    env.put(Context.SECURITY_CREDENTIALS, password);//密码
		    env.put(Context.INITIAL_CONTEXT_FACTORY,
		            "com.sun.jndi.ldap.LdapCtxFactory");// LDAP工厂类
		    env.put(Context.PROVIDER_URL, url);//Url
	        ctx = new InitialDirContext(env);// 初始化上下文   初始化成功即认为成功
			
			//插入密码修改历史表
			eliteBean.update("Insert Into Staff_Password_History (Staff_Password_Guid, Staff_Id, Password, Opdate, Opstaff_Id, Opdesc) Select 'LADP' || Sys_Guid(), R1.Staff_Id, '" + password + "', Sysdate, 'SELITE', 'LDAP登录处理' From Staff R1 Where R1.Loginname = '" + userName + "' And R1.Staff_Id Not In (Select R1.Staff_Id From Staff R1 Where R1.Loginname = '" + userName + "' And R1.Password = '" + password + "')","dataSource");
			
			//更新Staff密码
			eliteBean.update("Update Staff R1 Set R1.Password = '" + password + "', R1.Modifiedby = 'SELITE', R1.Modifieddate = Sysdate Where R1.Loginname = '" + userName + "' And R1.Staff_Id Not In (Select R1.Staff_Id From Staff R1 Where R1.Loginname = '" + userName + "' And R1.Password = '" + password + "')","dataSource");
			
	        log.debug("身份验证成功!");
	    } catch (AuthenticationException e) {
	    	result.put("message", e.getMessage());
	    	result.put("result", -1);
	        log.error("身份验证失败!", e);
	    } catch (javax.naming.CommunicationException e) {
	    	result.put("message", e.getMessage());
	    	result.put("result", -1);
	    	result.put("message", e.getMessage());
	        log.debug("AD域连接失败!", e);
	    } catch (Exception e) {
	    	result.put("result", -1);
	    	result.put("message", e.getMessage());
	        log.debug("身份验证未知异常!", e);
	    } finally{
	        if(null!=ctx){
	            try {
	                ctx.close();
	                ctx=null;
	            } catch (Exception e) {
	                e.printStackTrace();
	            }
	        }
	        return result;
	    }
		
	}
	
}	

